DoS over web application

Peace be upon you, guys.

Today I will share with you a bug I recently found in a target, which depended on Denial of Service over a web app.

So, without wasting any time, let's jump in…

Our target had a feature that allowed you to add contacts to your contacts page by name only: you enter a contact name and, if it exists in the database, it is added. The issue was that pagination was not enabled, meaning every contact you add is rendered on the same page.

So if we are able to add, for example, 10K contacts to the same page, you can guess how long it takes the server to load the whole page.

What I did is that I collected about 200K valid names from some GitHub repos and txt files on Google, then I tried the whole wordlist against our target.

Finally, I was able to add just 10K contacts, but in the end it was a sufficient PoC for our attack, as there was a delay from the server of about 10 seconds.

10 seconds delay

Steps:

1- Go to the contacts page and add a user.

2- Intercept your request with Burp and send it to Intruder.

3- In the Payloads section of the Intruder tab, paste your wordlist.

4- Start your attack and monitor the server delay while loading the contacts page.
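To make the root cause concrete, here is an added Python model of the issue (my own example, not the target's code or anything from the original write-up). It mirrors the feature as described: a name is added if it exists in the user database, and the contacts page renders every contact in one response. Beside it is a hardened version with pagination and a per-account cap. The user database, the wordlist, the page size of 50 and the cap of 1000 are all constructed assumptions for the demo.

```python
"""Toy model of the unpaginated contact-list DoS and a paginated fix.
Added example, not the target's code. All names and limits are constructed."""
import random
import string
import time

PAGE_SIZE = 50        # assumed page size for the hardened contacts page
MAX_CONTACTS = 1000   # assumed per-account cap for the hardened add-contact flow

# Constructed "user database": the set of names a wordlist entry can match.
USER_DB = {f"user{i}" for i in range(20000)}


def make_wordlist(n, hit_ratio=0.05, seed=1):
    """Constructed wordlist: a fraction of entries are valid usernames,
    the rest are random strings that will not match anything."""
    rng = random.Random(seed)
    words = []
    for _ in range(n):
        if rng.random() < hit_ratio:
            words.append(f"user{rng.randrange(20000)}")
        else:
            words.append("".join(rng.choices(string.ascii_lowercase, k=8)))
    return words


def add_contacts_vulnerable(contacts, wordlist):
    """The feature as described: any name present in the DB is added,
    with no limit on how many contacts one account may hold."""
    for name in wordlist:
        if name in USER_DB:
            contacts.add(name)
    return contacts


def add_contacts_hardened(contacts, wordlist, cap=MAX_CONTACTS):
    """Same lookup, but the list is never allowed to grow past the cap."""
    for name in wordlist:
        if len(contacts) >= cap:
            break
        if name in USER_DB:
            contacts.add(name)
    return contacts


def render_all(contacts):
    """Vulnerable page: every contact rendered in a single response,
    so response size and render time grow linearly with the list."""
    rows = [f"<li>{c}</li>" for c in sorted(contacts)]
    return "<ul>" + "".join(rows) + "</ul>"


def render_page(contacts, page, page_size=PAGE_SIZE):
    """Hardened page: only one slice of the list per request,
    so a bloated list costs the attacker, not the server."""
    ordered = sorted(contacts)
    start = (page - 1) * page_size
    rows = [f"<li>{c}</li>" for c in ordered[start:start + page_size]]
    return "<ul>" + "".join(rows) + "</ul>"


def count_rows(html):
    """Number of contact rows in a rendered page."""
    return html.count("<li>")


if __name__ == "__main__":
    wordlist = make_wordlist(50000)
    bloated = add_contacts_vulnerable(set(), wordlist)
    capped = add_contacts_hardened(set(), wordlist)
    print(f"vulnerable account holds {len(bloated)} contacts, "
          f"hardened account holds {len(capped)}")
    for label, fn in (("render_all", lambda: render_all(bloated)),
                      ("render_page", lambda: render_page(bloated, 1))):
        t0 = time.perf_counter()
        html = fn()
        print(f"{label}: {count_rows(html)} rows, "
              f"{len(html)} bytes, {time.perf_counter() - t0:.4f}s")
```

Run it and compare the two render lines: the unpaginated page scales with whatever the attacker managed to add, while the paginated one stays constant-sized no matter how many entries Intruder pushed in. The cap is the second half of the fix; pagination alone still lets the account record grow without bound.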

And yeah, we were able to trigger a delay of about 10 seconds!!

Thank you for reading! Hope you enjoyed it…

You can find me on Twitter @0xMohamed_Ayad

and on LinkedIn @0xmh3yad
